Attempts usually use standard usernames such as "ADMINISTRATOR". Each attempt has a different password. To prevent even the small chance of unauthorized access, disable the FTP port while you are not using it (go to Network > Services and untick the FTP check box).